With the introduction of Appdome for Check Point SandBlast App Protect, Check Point and Appdome are on a mission to make mobile app security fast and easy. At the Check Point Experience 360 conference, Gil Shwed (Check Point CEO), did a quick survey to see who had any mobile device security or mobile app security running on their smartphones. It seemed that mostly only Check Point employees raised their hands. With our new partnership, we’re going to change that.
Why Are So Many Mobile Apps Not Secured?
Over the years, many organizations, especially in FinServ and FinTech, have been targets of malware attacks. Widespread campaigns such as Marcher and Anubis steal user credentials, financial and personal information. Furthermore, recent studies have shown that over 85% of all mobile apps don’t protect against at least one of the OWASP Mobile Top 10 risks. There are several possible reasons for this clear lapse in security. In talking to many customers around the world, it always boils down to one or more of the following obstacles.
Mistakenly Believing that Apple and Google will Take Care of Security.
Some developers mistakenly think that Apple and Google devices are secure enough to protect mobile apps. Both platforms provide some measure of protection. For example, Google Play or the Apple App Store require mobile apps to pass security scans. Google and Apple have a set of mobile security best practices that developers should follow. But, these are not enough to insulate mobile apps and users from attack.
Mobile Security Adds Friction to Release Cycles.
Mobile security is hard. Most developers are great at building excellent user experiences. To be a security expert takes a different skillset. Most mobile apps are on a very frequent release schedule (monthly, weekly and for some organizations even daily). Traditional mobile app security simply does not fit into the rapid release cycles of the modern CI/CD process of app delivery. Any security requirement that causes a roadmap delay causes friction. Product features typically win.
Heavy Lifting for Legacy Security Solutions.
CISOs are responsible for security decisions. But, the line of business and/or mobile engineering teams are responsible for feature delivery. Vendor provided security solutions that require developers to change the app’s source code line by-line and/or manually implement an SDK inside the source code is an extremely difficult, time consuming, and error prone endeavor.
In summary, what I hear when talking to our customers is, yes, we would like to add more security to our mobile apps. Still, it’s hard to do and very time consuming. We need to put it on the roadmap, or a different team owns the mobile app, and we don’t have much influence over their roadmap.
What is Check Point SandBlast App Protect?
Check Point says that “with SandBlast App Protect, mobile developers can secure their iOS and Android customer facing apps with an easy to integrate SDK. The SDK effectively detects both known and unknown threats, including malicious apps like keyloggers or banker malware that may be present on the device, vulnerabilities in the host operating environment, man-in-the-middle attacks, and more. As a result, the application is able to understand the environment in which it is operating, assess its risk, and prevent compromise.”
Appdome + Check Point SandBlast App Protect Delivers No-Code Mobile App Security in Seconds
Appdome and Check Point teamed up to make mobile app security fast and easy. The goal of the partnership is to combine Check Point’s threat defense security for mobile apps with Appdome’s mobile app security suite all inside the same mobile app. Together, this combined solution delivers the most comprehensive mobile app security in seconds without any product dependencies or resource constraints.
Check Point partnered with Appdome to overcome the same obstacles many other SDK vendors face when selling threat defense security for mobile apps. After they convince the customer of the need for mobile app protection, customers don’t always have the necessary resources to build the SDK into their mobile apps. For Check Point, these resource shortages, along with time constraints, roadmap conflicts, expertise gaps, implementation complexity, technology dependencies, all stand in the way to getting the most out of SBAP.
Appdome makes manual coding unnecessary. With Appdome for Check Point SandBlast App Protect, all of the above obstacles are eliminated because coding is not required. Customers point-and-click their way to a fully productized implementation in seconds. There’s no need to access the source code and there’s no roadmap impact. In fact, Check Point recommends Appdome as the preferred method to implement SBAP.
“Using Appdome, organizations can take the complexity out of integrating the SDK as part of the development process by instantly building Check Point’s mobile security into iOS and Android apps in seconds.”
Itai Greenberg, VP of Product Management and Marketing at Check Point
Appdome offers the following benefits over manual coding:
Instantly build SandBlast App Protect into any Android or iOS app, without code or coding.
Achieve defense-in-depth with no-code mobile app security solution using Appdome’s ONEShield™ Anti-tampering with SBAP.
Rapid release of secure mobile apps on Appdome, the world’s first AI-driven mobile solutions and security platform.
100% compatibility with any app, framework or mobile technology.
Appdome for Check Point SandBlast App Protect also puts the CISO in charge of the implementation, and solves the following problems and conflicts:
Achieve security objectives for Android and iOS apps easily.
Remove any developer dependencies for mobile app security.
Eliminate the need for engineering resources.
Remove any product and release friction.
Recommendations for Check Point Customers
If you are a Check Point customer and you are considering adding SandBlast App Protect to your mobile apps, Appdome is your best solution. Check out this video to see how easy it is.
Jan is passionate about giving mobile app developers the freedom to build the apps they want. In addition to blogging this story, he heads up marketing @Appdome. He’s based in Silicon Valley and led international, technical and product marketing at Wrike, DoubleDutch, Saba, Moxtra, SugarCRM and Cisco Webex.